Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/Nkw4VnItzo0rlJxcU0TCOZxzL0s.roa
File: Nkw4VnItzo0rlJxcU0TCOZxzL0s.roa (raw, json)
Hash identifier: 6piTctOHEpsRs6kd4gJ9SKwBkgRFU3fYmqh2YQASxPA=
Subject key identifier: 36:4C:38:56:72:2D:CE:8D:2B:94:9C:5C:53:44:C2:39:9C:73:2F:4B
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 0194972A1B1EF1EC77CA9673C0529BF4A9E7
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/Nkw4VnItzo0rlJxcU0TCOZxzL0s.roa
Signing time: Fri 24 Jan 2025 07:15:06 +0000
ROA not before: Fri 24 Jan 2025 07:15:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 62.233.59.0/24 maxlen: 24
193.3.20.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:97:2a:1b:1e:f1:ec:77:ca:96:73:c0:52:9b:f4:a9:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Jan 24 07:15:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=364c3856722dce8d2b949c5c5344c2399c732f4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:62:d7:14:d3:a8:a1:ad:91:f4:7d:40:b4:8f:
40:c6:0e:27:d6:ad:bd:f9:ab:00:b4:c0:d7:bd:08:
6d:31:e1:96:ea:ca:c3:19:4c:56:b6:2c:aa:8c:51:
6d:44:38:3f:16:48:1b:25:f0:a3:b4:3c:56:5f:7d:
f9:52:c5:59:02:58:e1:e4:6e:49:99:83:8a:69:e0:
3c:fe:5b:2a:67:e9:82:93:4a:8e:12:9f:4f:96:af:
6b:f3:9f:6c:90:ba:22:9f:57:9f:64:13:71:85:ca:
1d:75:04:12:2d:d7:20:3c:80:53:73:45:38:03:a6:
b2:4e:b7:91:eb:27:34:46:e9:45:42:1e:b4:a5:3f:
2a:1a:29:76:e6:9b:41:fd:bb:31:72:e9:f1:c3:f4:
5e:79:8f:a7:80:e2:7e:0d:a5:b3:8a:1c:1a:b3:aa:
52:02:a4:33:29:53:93:f2:db:ca:b2:60:d8:f2:f4:
f8:51:5a:56:f9:cb:59:e9:b7:df:ec:a2:59:15:14:
61:cc:cb:eb:f9:1d:26:2f:d3:d8:a5:d8:a6:19:37:
4e:15:10:33:9b:75:fa:17:1f:68:38:80:b9:e9:a9:
30:75:ff:92:09:a0:ae:f3:3f:5f:3a:8f:0d:d6:00:
37:68:5f:5a:ab:bc:e6:a9:c1:33:74:7f:61:80:ad:
56:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:4C:38:56:72:2D:CE:8D:2B:94:9C:5C:53:44:C2:39:9C:73:2F:4B
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/Nkw4VnItzo0rlJxcU0TCOZxzL0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.233.59.0/24
193.3.20.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:19:0b:79:9d:6d:19:d5:7d:b7:0a:29:c6:60:db:22:07:53:
98:1c:37:a8:21:2a:32:fc:b2:e7:58:df:86:40:34:2e:b8:ae:
25:97:b2:64:b9:15:9c:fc:dc:cc:1c:ee:3b:5a:96:6d:c3:10:
3c:a3:b8:e1:ba:5d:9c:bd:4f:52:8f:f7:23:dc:a9:46:70:ae:
6e:9d:08:7e:77:8a:24:6d:47:c8:47:28:7c:24:2a:23:b0:7e:
d1:3f:37:bd:7a:df:0a:93:66:41:4f:cf:9d:8a:51:68:f4:51:
36:27:cb:b8:9f:ac:6e:7b:cb:96:6b:86:31:84:98:22:8b:da:
58:88:38:e9:ca:b4:0a:25:14:4c:5d:ad:73:60:4c:ef:c8:3c:
c4:56:a8:64:6a:88:62:1e:cd:96:78:38:34:39:3a:6b:af:6b:
b5:ec:1e:e8:24:8f:4d:ea:e7:2b:9a:8b:9f:d4:82:f7:cb:1b:
24:ab:46:e3:92:82:f0:44:36:bc:9f:ed:17:db:45:cb:24:a2:
31:cd:8f:40:f1:ea:d7:77:3c:c5:4b:0d:f4:e8:a9:5e:fc:3a:
b7:a3:3b:22:c3:b4:42:96:fd:b4:a4:b0:44:9a:f2:a4:cb:86:
36:19:71:0d:c2:8b:94:e2:6b:cd:91:31:12:73:64:df:db:72:
31:c1:b2:5b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZSXKhse8ex3ypZzwFKb9KnnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjUwMTI0MDcxNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjRjMzg1NjcyMmRjZThkMmI5NDljNWM1MzQ0YzIzOTljNzMyZjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2LXFNOooa2R9H1AtI9Axg4n1q29
+asAtMDXvQhtMeGW6srDGUxWtiyqjFFtRDg/FkgbJfCjtDxWX335UsVZAljh5G5J
mYOKaeA8/lsqZ+mCk0qOEp9Plq9r859skLoin1efZBNxhcoddQQSLdcgPIBTc0U4
A6ayTreR6yc0RulFQh60pT8qGil25ptB/bsxcunxw/ReeY+ngOJ+DaWzihwas6pS
AqQzKVOT8tvKsmDY8vT4UVpW+ctZ6bff7KJZFRRhzMvr+R0mL9PYpdimGTdOFRAz
m3X6Fx9oOIC56akwdf+SCaCu8z9fOo8N1gA3aF9aq7zmqcEzdH9hgK1WHwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDZMOFZyLc6NK5ScXFNEwjmccy9LMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvTmt3NFZuSXR6bzBybEp4Y1UwVENPWnh6TDBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAPuk7AwQA
wQMUMA0GCSqGSIb3DQEBCwUAA4IBAQAdGQt5nW0Z1X23CinGYNsiB1OYHDeoISoy
/LLnWN+GQDQuuK4ll7JkuRWc/NzMHO47WpZtwxA8o7jhul2cvU9Sj/cj3KlGcK5u
nQh+d4okbUfIRyh8JCojsH7RPze9et8Kk2ZBT8+dilFo9FE2J8u4n6xue8uWa4Yx
hJgii9pYiDjpyrQKJRRMXa1zYEzvyDzEVqhkaohiHs2WeDg0OTprr2u17B7oJI9N
6ucrmouf1IL3yxskq0bjkoLwRDa8n+0X20XLJKIxzY9A8erXdzzFSw306Kle/Dq3
ozsiw7RClv20pLBEmvKky4Y2GXENwouU4mvNkTESc2Tf23IxwbJb
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:50:40 2025 by rpki-client